The SELinux web site <http://www.nsa.gov/selinux/> including the mail
list archive has been updated. The site includes a new release of the
LSM-based SELinux prototype. The base 2.5 kernel version has been
updated to 2.5.58. The base 2.4 kernel version remains at 2.4.20, but
the LSM patch and the SELinux module for 2.4 have changed since the last
release. New contributed policy analysis and policy management tools
have been added to the provided tools and utilities. Hooks for xattr
operations were added to 2.4. Inode security initialization has been
reworked using the d_instantiate hook. The nfsd private file bug in 2.4
has been fixed and the task_kill bug in 2.5 has been fixed. Configuring
the SELinux Policy, a technical report included in the documentation,
has been updated to reflect recent changes.
Security-enhanced Linux incorporates a strong, flexible mandatory
access control architecture into the major subsystems of the Linux
kernel. The system provides a mechanism to enforce the separation of
information based on confidentiality and integrity requirements. This
allows threats of tampering and bypassing of application security
mechanisms to be addressed and enables the confinement of damage that
can be caused by malicious or flawed applications. The SELinux web
site <http://www.nsa.gov/selinux/> contains background information,
documentation, source code, and archives for the selinux mailing-list.
--
Howard Holm <hdholm _at_ epoch.ncsc.mil>
Secure Systems Research Office
National Security Agency
##########################################################################
# Send submissions for comp.os.linux.announce to: cola _at_ stump.algebra.com #
# PLEASE remember a short description of the software and the LOCATION. #
# This group is archived at http://stump.algebra.com/~cola/ #
##########################################################################
